WHAT YOU CAN DO: Allow IT to define security policies that dynamically apply themselves based on OT’s intentions and input.
WHY IT’S IMPORTANT: OT needs to be able to take ownership of security to ensure continuous operations, but requires IT expertise to do so.
WHAT YOU CAN DO: Create discrete network zones within your overall topology that restrict access and prevent infection.
WHY IT’S IMPORTANT: Cybercriminals are looking for any entrance point they can find. For example, one case of the WannaCry ransomware attack in May 2017 started from a single workstation that was connected to the network at large. Segmentation helps to prevent infections from spreading too far.
WHAT YOU CAN DO: Create a centralized network view so that OT can stay abreast of conditions and deep dive into individual assets.
WHY IT’S IMPORTANT: OT needs better context around security to successfully enforce it.
s
WHAT YOU CAN DO: Enable secure, remote access to securely bring in remote expertise such as contractors and vendors to help solve issues, apply patches, and more—without needing to involve IT in every incident.
WHY IT’S IMPORTANT: Allowing OT to enable access to select assets for third-party organizations helps increase agility and ensure continuous operations.